Date: Thu, 21 Sep 2006 20:50:22 -0400
From: "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject: [coba-e:07171] Today's Kiddie Attack
To: <coba-e (at mark) bluequartz.org>
Message-Id: <006101c6dde1$16a6fb60$6400a8c0@YOUR4105E587B6>
In-Reply-To: <000401c6dcd1$1aa11e00$0c4dfd42@work>
X-Mail-Count: 07171
The changes I have made to the SYN cookies seem to be helping, but it would
sure be interesting to drop a 20 megaton bomb on these people:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address
State User Inode PID/Program name
tcp 0 0 216.130.248.52:80 192.168.1.4:2911
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2845
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2885
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2894
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2902
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2907
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2928
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2832
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2889
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2905
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2829
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2883
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2909
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2849
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2930
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2814
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2884
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2819
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2914
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2891
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2922
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2908
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2903
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2868
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2810
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2906
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2872
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2888
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2893
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2825
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2887
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2904
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2812
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2833
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2871
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2910
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2847
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2837
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2918
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2892
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2925
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2890
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2848
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2830
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2875
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2920
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2876
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2874
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2839
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2817
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2886
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2870
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2926
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2901
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2823
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.3:2916
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2835
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2912
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2821
SYN_RECV 0 0 -
tcp 0 0 216.130.248.52:80 192.168.1.4:2873
SYN_RECV 0 0 -